Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/uVooKISUNKlWaJvyIloMwrXgYhY.roa
File: uVooKISUNKlWaJvyIloMwrXgYhY.roa (raw, json)
Hash identifier: eGiGT+/1GFy2YWP3cVs1p1d4QnOv0KmcPRRksWn3nho=
Subject key identifier: B9:5A:28:28:84:94:34:A9:56:68:9B:F2:22:5A:0C:C2:B5:E0:62:16
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 01933EE22E124083E231048F96239D916BA9
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/uVooKISUNKlWaJvyIloMwrXgYhY.roa
Signing time: Mon 18 Nov 2024 10:47:10 +0000
ROA not before: Mon 18 Nov 2024 10:47:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204137
IP address blocks: 134.19.128.0/21 maxlen: 21
134.19.128.0/23 maxlen: 23
134.19.130.0/23 maxlen: 23
134.19.132.0/23 maxlen: 23
134.19.134.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3e:e2:2e:12:40:83:e2:31:04:8f:96:23:9d:91:6b:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Nov 18 10:47:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b95a2828849434a956689bf2225a0cc2b5e06216
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2f:c0:51:20:86:7a:b8:8a:d3:10:55:60:0e:
32:c9:be:06:c0:3b:0f:e6:a9:92:d5:d9:38:5e:6d:
9c:0e:7e:40:e7:9a:0d:99:d3:c8:92:f4:39:0b:00:
f4:ba:8f:14:2e:43:d2:20:ae:e6:42:3b:01:dc:64:
25:e2:3b:be:cf:00:4a:c9:d6:9a:6f:80:30:47:b0:
b0:0c:da:2b:e0:a4:ff:b6:ca:66:be:36:f8:a4:a6:
07:20:38:b0:de:00:28:e0:f8:6a:2e:5f:3a:04:43:
65:70:b5:6f:bd:0d:74:94:9b:8c:4c:3f:82:55:5b:
0f:af:26:00:43:b2:15:74:5d:b4:d8:08:16:0e:48:
25:e6:81:f1:14:28:ab:4d:f4:cc:14:42:b8:06:a0:
d1:31:98:69:96:f1:82:94:f7:4e:34:5e:bf:89:e7:
96:c3:16:1a:78:37:87:2a:29:98:2b:3a:b0:39:2a:
9e:93:39:e6:d2:62:b4:2c:5a:d3:81:98:b9:bc:f9:
38:9a:3c:79:67:b2:20:bd:fe:28:17:fa:a4:10:7e:
5d:12:fc:8f:a4:ac:5f:6e:97:07:cf:32:52:9d:84:
42:8a:36:92:43:7d:7c:5e:3f:de:76:31:15:72:48:
53:36:22:9e:58:1a:ec:5c:fc:17:85:73:7c:fb:19:
82:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:5A:28:28:84:94:34:A9:56:68:9B:F2:22:5A:0C:C2:B5:E0:62:16
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/uVooKISUNKlWaJvyIloMwrXgYhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.128.0/21
Signature Algorithm: sha256WithRSAEncryption
c4:0d:1c:2a:e1:0c:11:92:47:d2:7a:e5:71:52:7a:03:51:5c:
12:aa:03:4b:40:12:37:4b:e4:c2:d3:83:7f:cf:a0:cf:d2:62:
82:6e:b1:2f:b2:39:ee:59:3b:c3:6b:6c:46:55:f2:eb:4c:9f:
a5:46:e8:c4:8b:68:bd:ca:7f:71:d0:14:24:4d:d9:2f:78:90:
c0:94:75:53:fa:12:82:30:da:45:cb:29:60:bb:fd:e0:7f:93:
84:0a:62:0a:dc:d4:95:ca:e2:6e:70:23:5a:a9:c7:42:04:39:
96:58:3e:4b:ed:bf:61:30:e9:7e:3a:b5:91:64:c1:0a:0e:ed:
fd:33:f0:53:e8:1c:7c:f9:eb:67:44:95:1e:fa:c7:3a:ed:87:
2d:55:a1:d8:5a:77:84:21:f9:75:b0:c8:15:61:6e:07:41:0f:
9c:67:3e:39:c2:67:e6:cc:65:1c:16:cd:06:03:1b:48:9f:e3:
08:d1:72:3a:df:2a:03:6b:85:f3:c1:a1:3c:c6:15:7b:9c:1b:
cd:95:ed:bf:3c:f9:63:a6:56:10:e0:22:5e:ff:9d:d9:bc:7b:
c9:4d:93:b6:f2:72:9a:62:b5:3b:6e:87:32:06:4d:f8:37:4c:
2e:02:55:37:5d:82:d4:97:d8:85:78:18:a3:37:d2:47:32:24:
15:7a:05:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZM+4i4SQIPiMQSPliOdkWupMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQxMTE4MTA0NzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTVhMjgyODg0OTQzNGE5NTY2ODliZjIyMjVhMGNjMmI1ZTA2MjE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny/AUSCGeriK0xBVYA4yyb4GwDsP
5qmS1dk4Xm2cDn5A55oNmdPIkvQ5CwD0uo8ULkPSIK7mQjsB3GQl4ju+zwBKydaa
b4AwR7CwDNor4KT/tspmvjb4pKYHIDiw3gAo4PhqLl86BENlcLVvvQ10lJuMTD+C
VVsPryYAQ7IVdF202AgWDkgl5oHxFCirTfTMFEK4BqDRMZhplvGClPdONF6/ieeW
wxYaeDeHKimYKzqwOSqekznm0mK0LFrTgZi5vPk4mjx5Z7Igvf4oF/qkEH5dEvyP
pKxfbpcHzzJSnYRCijaSQ318Xj/edjEVckhTNiKeWBrsXPwXhXN8+xmCkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLlaKCiElDSpVmib8iJaDMK14GIWMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvdVZvb0tJU1VOS2xXYUp2eUlsb013clhnWWhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDhhOAMA0G
CSqGSIb3DQEBCwUAA4IBAQDEDRwq4QwRkkfSeuVxUnoDUVwSqgNLQBI3S+TC04N/
z6DP0mKCbrEvsjnuWTvDa2xGVfLrTJ+lRujEi2i9yn9x0BQkTdkveJDAlHVT+hKC
MNpFyylgu/3gf5OECmIK3NSVyuJucCNaqcdCBDmWWD5L7b9hMOl+OrWRZMEKDu39
M/BT6Bx8+etnRJUe+sc67YctVaHYWneEIfl1sMgVYW4HQQ+cZz45wmfmzGUcFs0G
AxtIn+MI0XI63yoDa4XzwaE8xhV7nBvNle2/PPljplYQ4CJe/53ZvHvJTZO28nKa
YrU7bocyBk34N0wuAlU3XYLUl9iFeBijN9JHMiQVegVF
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:17 2025 by rpki-client